Many times we want to implement pre-processing logic before a request hits the IIS resources. For instance you would like to apply security mechanism, URL rewriting, filter something in the request etc. ASP.NET has provided two types of interception HttpModule and HttpHandler. This article walks through it.

Many times we want to implement pre-processing logic before a request hits the IIS resources. For instance you would like to apply security mechanism, URL rewriting, filter something in the request etc. ASP.NET has provided two types of interception HttpModule and HttpHandler. This article walks through it.

For past some days I have been writing and recording videos in design patterns, UML, FPA, Enterprise blocks and lot you can watch the videos at http://www.questpond.com

Many times we need to inject some kind of logic before the page is requested. Some of the commonly used pre-processing logics are stat counters, URL rewriting, authentication / authorization and many more. We can do this in the behind code but then that can lead to lot of complication and tangled code. Behind code will not solve the purpose because in some implementations like authorization where we want the logic to execute before it reaches the resource. ASP.NET provides two ways of injecting logic in the request pipeline ‘HttpHandlers’ and ‘HttpModules ’.

‘HttpHandler’ help us to inject pre-processing logic based on the extension of the file name requested. So when a page is requested ‘HttpHandler’ executes on the base of extension file names and on the base of verbs. For instance you can visualize from the figure below how we have different handlers mapped to file extension. We can also map one handler to multiple file extensions. For instance when any client request for file with extension ‘GIF’ and ‘JPEG’, ‘handler3’ pre-processing logic executes.

‘HttpModule’ is an event based methodology to inject pre-processing logic before any resource is requested. When any client sends a request for a resource, the request pipeline emits lot of events as shown in the below figure.

Below is a detailed explanation of the events we have just pasted this from http://support.microsoft.com/kb/307985 .BeginRequest: Request has been started. If you need to do something at the beginning of a request (for example, display advertisement banners at the top of each page), synchronize this event.

AuthenticateRequest: If you want to plug in your own custom authentication scheme (for example, look up a user against a database to validate the password), build a module that synchronizes this event and authenticates the user how you want to.

AuthorizeRequest: This event is used internally to implement authorization mechanisms (for example, to store your access control lists (ACLs) in a database rather than in the file system). Although you can override this event, there are not many good reasons to do so.

PreRequestHandlerExecute: This event occurs before the HTTP handler is executed.

PostRequestHandlerExecute: This event occurs after the HTTP handler is executed.

EndRequest: Request has been completed. You may want to build a debugging module that gathers information throughout the request and then writes the information to the page.

We can register these events with the ‘HttpModules’. So when the request pipe line executes depending on the event registered the logic from the modules is processed.

“Modules are called before and after the handler executes. Modules enable developers to intercept, participate in, or modify each individual request. Handlers are used to process individual endpoint requests. Handlers enable the ASP.NET framework to process individual HTTP URLs or groups of URL extensions within an application. Unlike modules, only one handler is used to process a request”.

‘HttpHandlers’ are nothing but classes which have pre-processing logic implemented. So the first thing is to create a class project and reference System.Web namespace and implement the ‘IHttpHandler’ interface as shown in the below code snippet. ‘IHttpHandler’ interface has two methods which needs to be implemented one is the ‘ProcessRequest’ and the other is the ‘IsResuable’. In the ‘ProcessRequest’ method we are just entering the URL in to the file and displaying the same in to the browser. We have manipulated the context response object to send the display to the browser.

Once done request for page name with extension ‘Shiv’ and you should see a display as shown below. So what has happened is when the IIS see’s that request is for a ‘.shiv’ page extension it just calls the ‘clsMyHandler’ class pre-processing logic.

As discussed previously ‘HttpModule’ are event pre-processor. So the first thing is to implement the ‘IHttpModule’ and register the necessary events which this module should subscribe. For instance we have registered in this sample for ‘BeginRequest’ and ‘EndRequest’ events. In those events we have just written an entry on to the log file.

If you run the code you should see something like this in the ‘RequestLog.txt’. The above example is not so practical. But it will help us understand the fundamentals.

Begin request called at 11/12/2008 6:32:00 PMEnd Request called at 11/12/2008 6:32:00 PMBegin request called at 11/12/2008 6:32:03 PMEnd Request called at 11/12/2008 6:32:03 PMBegin request called at 11/12/2008 6:32:06 PMEnd Request called at 11/12/2008 6:32:06 PMBegin request called at 11/12/2008 8:36:04 PMEnd Request called at 11/12/2008 8:36:04 PMBegin request called at 11/12/2008 8:37:06 PMEnd Request called at 11/12/2008 8:37:06 PMBegin request called at 11/12/2008 8:37:09 PMEnd Request called at 11/12/2008 8:37:09 PMBegin request called at 11/12/2008 8:37:38 PMPage requested at 11/12/2008 8:37:38 PM/WebSiteHandlerDemo/Articles.shivEnd Request called at 11/12/2008 8:37:38 PM